Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
View Poll Results: Is this over kill?
No way! good idea! every bit helps Stop spamers dead 3 42.86%
Yes 550 happens you will lose mail and regret it! 0 0%
Sure maybe limit 4 attempts on a small host would really help! 1 14.29%
Tell me how that works out. If it works I want that! 3 42.86%
Voters: 7. You may not vote on this poll

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 18th November 2008, 02:20
frank2 frank2 is offline
Junior Member
 
Join Date: Nov 2008
Posts: 6
Thanks: 0
Thanked 1 Time in 1 Post
Default fail2ban maybe help ease postfix from spammers

I been playing with finding a way to reduce spam. I am debian user who has a ispconfig setup and noticed fail2ban has added some support for email

but nothing to deal with
"rejected: User unknown in local recipient table" messages

Now I am not a expert. But one thing I know is security usualy causes lotsa problems when you try to go the extra mile.

so I thought I would run it by some of you before I actualy sit down and start running it ..

i will run it on one domain first to see if it makes a diffrence.

I am unsure if it will effect email forwards though? anyones thoughts

here is the filter I found on the net showing a 554 error from mail log

Quote:
failregex = reject: (?:RCPT|VRFY) from [a-zA-Z.0-9-]*.(?P<host>[0-9.]*).:
(?:.*Relay access denied|554 Service unavailable; Client host \S* blocked
using|(?:Sender|Recipient) address rejected)
here is what I am wanting to do with it is form it to block 550 errors and I could use some help
Quote:
failregex = reject: RCPT from (.*)\[<HOST>\]: 550
so before I start losing mail and screw things up what do you think?!

now I figure from my logs it looks like they try like 4-5 times.. how many ligit ones get through 4 5 mistakes and even if they do a delay is no big deal is it?

not sure what I am talking about.

then take a look at some of these from my mail.log these evil name harvesting bots eating up cpu time, memory and bandwidth. we can go on all day how bad spam is. ever little bit will helf x 10 fold So I am crying for some tips here!
Quote:
Nov 16 13:46:26 s1host postfix/smtpd[27185]: NOQUEUE: reject: RCPT from ppp94-29-84-75.pppoe.spdop.ru[94.29.84.75]: 550 5.1.1 <garner@ domain.com>: Recipient address rejected: User unknown in local recipient table; from=<haileydoreen_de@minpost.nu> to=<garner@ domain.com> proto=ESMTP helo=<rqnyt>
Nov 16 13:46:26 s1host postfix/smtpd[27185]: NOQUEUE: reject: RCPT from ppp94-29-84-75.pppoe.spdop.ru[94.29.84.75]: 550 5.1.1 <barrett@ domain.com>: Recipient address rejected: User unknown in local recipient table; from=<haileydoreen_de@minpost.nu> to=<barrett@ domain.com> proto=ESMTP helo=<rqnyt>
Nov 16 13:46:26 s1host postfix/smtpd[27185]: NOQUEUE: reject: RCPT from ppp94-29-84-75.pppoe.spdop.ru[94.29.84.75]: 550 5.1.1 <love@ domain.com>: Recipient address rejected: User unknown in local recipient table; from=<haileydoreen_de@minpost.nu> to=<love@ domain.com> proto=ESMTP helo=<rqnyt>
Nov 16 13:46:26 s1host postfix/smtpd[27185]: B0130EE05B: client=ppp94-29-84-75.pppoe.spdop.ru[94.29.84.75]
Nov 16 13:46:26 s1host postfix/smtpd[27185]: B0130EE05B: reject: RCPT from ppp94-29-84-75.pppoe.spdop.ru[94.29.84.75]: 550 5.1.1 <bates@ domain.com>: Recipient address rejected: User unknown in local recipient table; from=<haileydoreen_de@minpost.nu> to=<bates@ domain.com> proto=ESMTP helo=<rqnyt>
Nov 16 13:46:27 s1host postfix/smtpd[27185]: NOQUEUE: reject: RCPT from ppp94-29-84-75.pppoe.spdop.ru[94.29.84.75]: 550 5.1.1 <ellis@ domain.com>: Recipient address rejected: User unknown in local recipient table; from=<augustina.marthbo@minpost.nu> to=<ellis@ domain.com> proto=ESMTP helo=<rqnyt>
Nov 16 13:46:27 s1host postfix/smtpd[27185]: NOQUEUE: reject: RCPT from ppp94-29-84-75.pppoe.spdop.ru[94.29.84.75]: 550 5.1.1 <ishop@ domain.com>: Recipient address rejected: User unknown in local recipient table; from=<augustina.marthbo@minpost.nu> to=<ishop@ domain.com> proto=ESMTP helo=<rqnyt>
Nov 16 13:46:27 s1host postfix/smtpd[27185]: NOQUEUE: reject: RCPT from ppp94-29-84-75.pppoe.spdop.ru[94.29.84.75]: 550 5.1.1 <dennis@ domain.com>: Recipient address rejected: User unknown in local recipient table; from=<augustina.marthbo@minpost.nu> to=<dennis@ domain.com> proto=ESMTP helo=<rqnyt>
Reply With Quote
Sponsored Links
 

Bookmarks

Tags
fail2ban postfix spam

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Undelivered Mail Returned to Sender Error202 General 5 7th May 2009 11:14
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 17:39
CentoS doesn't send the emails vaio1 Installation/Configuration 18 5th November 2008 17:51
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36


All times are GMT +2. The time now is 23:38.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.